Tagged Questions

Wireshark is a graphical packet capture and analyser open-source software. It can be used for a variety of network communication analysis tasks like protocol development and troubleshooting. It shows packets on the IP level.

I have searched the web a numerous times but haven't found an explicit answer to my question.
I've studied (at school and on my own) computer networks for 2 years, doing active programming for 4 years ...

So I am trying to figure out what the packet payload is off of a possible TLS HeartBleed alert from my IDS. I have read that Wireshark is able to do it with some certain keys, but isn't that in real ...

Does wifi work as a star network with a switch or does it work like a bus ?
To be more precise, if I am in promiscuous mode, do I only see my traffic and broadcasted messages or do I get every packet ...

I have a pcap in which the length of packet is more than the MTU. There is a option in wireshark to export the object but that is for only http and smb. Is there a way to split the packet in MTU size ...

Is there such thing as a firewall with packet inspection? Most outbound firewalls simply prompt the user with "program.exe is trying to connect to the internet - allow or deny?". I find it impossible ...

In my code, I use JSSE6 API to specify a list of enabled cipher suites. I aimed to only allow 168 bits or higher encryption cipher suites, below is a part of my code:
/** List of 168 bits encryption ...

I have a sync app that doesn't work and the developer asked me to try and perform a sync with Wireshark capturing the data and send the Wireshark log to him.
I noticed that Wireshark saves sensitive ...

I need to capture/analyse the packets of another system connected to same network, is it possible with Wireshark? I have Wireshark installed on my system; what options do I need to capture packets of ...

I was reading this paper on SSL/TLS from the SANS Reading Room on how to capture and decrypt your own SSL traffic with Wireshark. I wanted to capture the credentials used to login to gmail. When the ...

I've just noticed today that YouTube have implemented SSL over the entire service (including video transfer). I've analyzed the partial SSL YouTube had before and it encrypted the video request but ...

I'm fooling around with Wireshark to capture the activation packets for an iPhone and some other stuff, however the traffic is encrypted. There should be a private SSL key somewhere on my computer to ...

I subscribed to a VPN service recently, and installed wireshark to take a look at the traffic sent from my computer.
Practically all of it goes through UDP protocol, encrypted. But there are two HTTP ...

I carried out an arp poisoning attack from my virtual machine to real machine with cain and able and collected data with wireshark from real machine. While I was investigating data with wireshark I ...

I've been monitoring my network traffic with Little Snitch, and today, when launching Chrome, just the default Chrome tab (shows most frequent sites), it alerted me Chrome was trying to connect over ...

I want to use my computer to capture packets sent by my Android phone in applications: e.g. YouTube.
I captured http requests coming from the machine where Wireshark is installed already, now I want ...

I am capturing a pop3 netcat connection (port 110) using Wireshark, on Debian linux (Kali). After filtering packets with (tcp.port eq 110) I get few packets but once I R.Click on any and click "Follow ...

I am trying to look at traffic between my phone and the outside world, and for whatever reason I can't see the outside world's traffic coming in.
I am running Wireshark on a Kali box, I turned on the ...

I have a webserver in my windows machine running Apache(XAMPP).
I have created an Android application that connect to my webserver at localhost.
How can I capture the data with wireshark on localhost?
...

I'm studying the SSL/TLS protocol, more specifically its handshake. I know that initially, a client sends a Client Hello message to the server which includes the TLS version supported by the client.
...

I am trying to figure out if some Android applications with login functions are vulnerable to man in the middle attacks or not.
I have set up a MITM proxy (as an attacker) on my lubuntu machine and ...

My machine along with several other machines are connected to wireless router.
When i open some http page on same machine(M1) where wireshark is installed, it captures the packets such as HTTP GET or ...

Hi I am learning system security in an online course, in a practical experiment I tried to monitor the traffic through my router using wireshark1.10.3 but i have a feeling that it only sensing traffic ...

Some time ago i try Wireshark at my home local network just for see how it works. I scan the connection of my mac to the router and also to other external ips. The flow of connections were high when i ...

I have been attempting to run a MiTM on a very old XP SP3 computer. I have attempted it with 3 products, as listed below:
Wireshark: Traffic from the computer did not even show up. (I did see traffic ...

Here is what I tried:
tshark -r test.pcap -T fields -e ip.proto > output.csv
But this can only show all the protocols in the csv files.
I want to show only the top level of protocol numbers such as ...

You can configure Windows to use only certain cipher suites during things like Remote Desktop sessions. Cipher suites such as RC4 56 bit, RC4 128 bit, Triple DES 168 bit, etc.
SSL/TLS is not in play ...